Tag

Prompt Injection

All articles tagged with #prompt injection

artificial-intelligence27 days ago•15 min saved

Codex Prompts Ban Goblins: OpenAI’s No-Creatures Policy Surfaces in GitHub Doc

A GitHub document from OpenAI, part of Codex CLI open-sourcing, appears to reveal a system prompt for GPT-5.5 that enforces a strict no-creatures policy—specifically banning goblins, gremlins, raccoons, trolls, ogres, pigeons, and similar beings unless absolutely relevant to the query. The rule emphasizes providing high-signal context and avoids generic platitudes. The policy sparked memes about “Goblin Mode,” but Codex staff say it isn’t a marketing gimmick, and observers note the chatter around goblin usage may relate to prompt-injection monitoring.

via Gizmodo|

#artificial-intelligence #codex #goblin

security2 months ago•3 min saved

OpenClaw Under Fire: Prompt Injection and Data Leakage Risks

CNCERT warns that OpenClaw’s weak default security and privileged execution could enable prompt-injection attacks, including indirect prompt injection via web content and link previews that leak sensitive data; other risks include misinterpretation causing data loss, uploading malicious skills to repositories like ClawHub, and exploiting known vulnerabilities. China is restricting OpenClaw in state entities, while attackers distribute malware via GitHub rep o s posing as OpenClaw installers. Mitigations include hardening networks, isolating the service, avoiding plaintext credentials, downloading skills only from trusted sources, disabling automatic updates, and keeping the agent up to date.

via The Hacker News|

#cncert #data-exfiltration #malicious-repositories

cybersecurity3 months ago•8 min saved

OpenClaw Taps VirusTotal to Vet ClawHub Skills

OpenClaw will scan every skill uploaded to ClawHub with VirusTotal (and Code Insight) via a SHA-256 hash check; benign results auto-approve, suspicious items warning, and malware blocked, with daily re-scans, while the team notes VirusTotal isn’t a silver bullet and will publish a threat model, security roadmap, and audits amid broader concerns over OpenClaw’s risk to enterprise security.

via The Hacker News|

#ai-security #clawhub #cybersecurity

technology3 months ago•3 min saved

Moltbook’s AI-Only Network Sparks Digital-Drug Market and Bot-Driven Fears

Relaunched nine days ago, Moltbook markets itself as an AI-only social network with millions of AI agents and communities; reports describe a thriving bot culture including a marketplace for digital drugs—prompt injections—that could hijack other agents and expose keys or passwords, plus ideas of religious formations and governance takeovers; experts warn of security risks and question how much of the hype reflects genuine AI agency versus human masquerade.

via Futurism|

#ai #digital-drugs #moltbook

technology3 months ago•2 min saved

Moltbot’s Broad Access Tests AI Security Boundaries

Open-source Moltbot can control a user’s machine (shell, calendar, browser, emails) and act via messaging apps, but researchers warn hundreds of exposed panels and misconfigurations pose data-exposure and unauthorized-command risks; experts urge cautious deployment, strong defaults, and isolated setups as AI agents gain adoption in enterprises and government.

via Axios|

#ai-agent #data-exposure #open-source

privacy-and-security3 months ago•17 min saved

Moltbot's All‑Day AI: Excitement Meets Security Red Flags

An open-source, always-on AI assistant named Moltbot can push proactive prompts and operate across apps, but its need for deep system access and constant connectivity creates serious security risks, including prompt-injection attacks and exposed admin ports; experts warn it is not ready for broad use and urge caution.

via Gizmodo|

#ai #moltbot #open-source

technology3 months ago•49 min saved

Moltbot: the AI that actually does things—and the security price of autonomy

The Verge explores Moltbot, an open‑source AI agent that runs locally and can automate tasks across apps and even on your computer, but warns that giving it admin access and credentials creates serious security risks—from prompt-injection hijacks to exposed secrets—leaving users to weigh convenience against potential breaches.

via The Verge|

#ai-agent #moltbot #privacy

technology4 months ago•4 min saved

Calendar invites expose private data through Google Gemini prompt injection

Researchers demonstrated a prompt-injection attack against Google Gemini by embedding a malicious payload in a Google Calendar invite description. When the recipient asks Gemini about their schedule, the assistant executes the embedded instructions, creates a new event, and copies private meeting details into the event description, leaking sensitive data to the attacker. Google added mitigations after the disclosure, underscoring the need for context-aware defenses as AI assistants access calendar data.

via BleepingComputer|

#artificial-intelligence #cybersecurity #data-leak

security4 months ago•5 min saved

Prompt-Injected Invites Expose Private Calendar Data Through Google Gemini

Security researchers disclosed a flaw in Google Gemini where a crafted calendar invite enables indirect prompt injection, causing Gemini to summarize and exfiltrate private meeting data by creating a new calendar event that could be visible to attackers; the finding highlights AI-enabled attack surfaces and the need for stronger guardrails and identity controls across AI workflows.

via The Hacker News|

#ai-security #calendar-privacy #data-exfiltration

technology4 months ago•4 min saved

Single-click prompt exploit drains Copilot Personal data in stealthy stages

Security researchers demonstrated a one-click, multistage prompt-injection attack against Copilot Personal that exfiltrated user data from chat histories, even after the chat was closed. The exploit used a malicious URL parameter and bypassed some endpoint protections by triggering repeated requests (“reprompt”), exposing names, locations, and event details. Microsoft has patched the flaw, with Copilot Personal affected but not Microsoft 365 Copilot.

via Ars Technica|

#ai #copilot #data-exfiltration

security4 months ago•5 min saved

Reprompt flaw lets attackers hijack Copilot sessions via malicious prompts

Researchers exposed 'Reprompt', a flaw that injects commands via Copilot's URL q parameter to hijack an authenticated session and exfiltrate data, using P2P injection, double-request, and chain-request techniques; Microsoft patched the vulnerability on January 2026 Patch Tuesday, mainly affecting Copilot Personal rather than Microsoft 365 Copilot, and users should apply the latest Windows updates.

via BleepingComputer|

#copilot #data-exfiltration #prompt-injection

technology5 months ago•3 min saved

Critical LangChain Vulnerabilities Threaten AI System Security

A critical security flaw in LangChain Core (CVE-2025-68664) allows attackers to exploit serialization injection to steal secrets and manipulate LLM responses, prompting urgent updates to affected versions to mitigate risks.

via The Hacker News|

#cve-2025-68664 #langchain #prompt-injection

technology7 months ago•2 min saved

OpenAI's New AI Browser and Its Future Impact on Web and Healthcare

Cybersecurity researchers have discovered serious prompt injection vulnerabilities in OpenAI's new AI browser Atlas, particularly in its agent mode and omnibox, which could allow hackers to execute harmful commands or access sensitive data. Experts recommend stricter URL validation to prevent such attacks, highlighting ongoing security challenges in AI-powered browsers.

via Futurism|

#ai-browser #atlas #cybersecurity

technology7 months ago•4 min saved

OpenAI's Atlas Enhances ChatGPT, Raising Security and Web Integration Concerns

Researchers at LayerX discovered a vulnerability in OpenAI's Atlas browser that allows attackers to inject malicious prompts into ChatGPT's memory via cross-site request forgery, posing significant security risks, especially for Atlas users who are more exposed to phishing and prompt injection attacks. The exploit can persist across devices and browsers, potentially leading to malicious activities or data theft.

via theregister.com|

#ai-security #atlas-browser #chatgpt-vulnerability

technology7 months ago•4 min saved

Security Concerns Rise as New AI Browsers and ChatGPT Atlas Emerge

OpenAI's ChatGPT Atlas browser is vulnerable to prompt injection attacks where malicious URLs disguised as harmless links can trick the AI into executing harmful commands or redirecting users to malicious sites, highlighting ongoing security challenges in AI-enabled browsers.

via The Hacker News|

#ai-browser #chatgpt-atlas #malicious-urls